1

Topic: localhost.localdomain instead of my real host

Hi all,
my iRedMail powered mail server is on the go! And it rocks! smile
Now I have to solve a few minor issues to have it perfect!

The first one: even if I set everywhere my real hostname (e.g. node.domain.com), somewhere localhost.localdomain appears instead of node.domain.com... For example it appears into the certificate when I connect to the IMAP server through a SSL connection. It appears in the awstats page ("Statistics fo localhost.localdomain")... et cetera.

Is this normal or I forgot to set something?

Thanks in advance.

2

Re: localhost.localdomain instead of my real host

SSL cert issue: you have to create a new cert file to replace the default one. Refer to file 'iRedMail-x.y.z/functions/packages.sh' (at the bottom of this file).

Note: Do NOT forget to set advance access control list for other users/programs, so that they have 'READ' permission to this cert file, include ldap and apache, etc. Search in the iRedMail-x.y.z/ directory and you will get it:

# cd /path/to/iRedMail-x.y.z/
# grep -r 'setfacl' *

Awstats issue: 'statistics for localhost.localdomain' means it uses /etc/awstats/awstats.localhost.localdomain.conf file as config file. Access another site and you get it like this:
https://your_server/awstats/awstats.pl?config=node.domain.com

It will read /etc/awstats/awstats.node.domain.com.conf. You can rename awstats.node.domain.com.conf to awstats.localhost.localdomain.conf, this make it the default one.

3

Re: localhost.localdomain instead of my real host

Since this server is working... I prefer to be sure! ^_^
First of all I have to run again this:

openssl req \
        -x509 -nodes -days 3650 -newkey rsa:1024 \
        -subj "/C=${TLS_COUNTRY}/ST=${TLS_STATE}/L=${TLS_CITY}/O=${TLS_COMPANY}/OU=${TLS_DEPARTMENT}/CN=${TLS_HOSTNAME}/emailAddress=${TLS_ADMIN}/" \
        -out ${SSL_CERT_FILE} -keyout ${SSL_KEY_FILE} >/dev/null 2>&1

Where (in my case):
${TLS_COUNTRY} = IT
${TLS_STATE} = Italy
${TLS_CITY} = My_city
${TLS_COMPANY} = My_company_name
${TLS_DEPARTMENT} =
${TLS_HOSTNAME} = Hostname_registered_as_MX_record
${TLS_ADMIN} = postmaster@mydomain.it
${SSL_CERT_FILE} = ??? <-- What path? Which name?
${SSL_KEY_FILE} = ??? <-- What path? Which name?

For example:

# openssl req \
        -x509 -nodes -days 3650 -newkey rsa:1024 \
        -subj "/C=IT/ST=Italy/L=My_City/O=My_Company/OU=/CN=mail.mydomain.it/emailAddress=postmaster@mydomain.it/" \
        -out /right/path/to/the/cert -keyout /right/path/to/the/key

# chmod 0444 /right/path/to/the/cert
# chmod 0400 /right/path/to/the/key

Then, since I'm using MySQL instead of LDAP... what to do?

4 (edited by Rashef 2009-06-06 15:15:06)

Re: localhost.localdomain instead of my real host

Any tips?

neutral

5

Re: localhost.localdomain instead of my real host

Rashef wrote:

${TLS_DEPARTMENT} =

Empty? why not give it a value?

${TLS_ADMIN} = postmaster@mydomain.it

A valid email address which can receive mail is recommend.

${SSL_CERT_FILE} = ??? <-- What path? Which name?
${SSL_KEY_FILE} = ??? <-- What path? Which name?

Defined in iRedMail-x.y.z/conf/global:

    export SSL_FILE_DIR="/etc/pki/tls" # <- RedHat/CentOS
    export SSL_FILE_DIR="/etc/ssl"     # <- Debian/Ubuntu

export SSL_CERT_FILE="${SSL_FILE_DIR}/certs/iRedMail_CA.pem"
export SSL_KEY_FILE="${SSL_FILE_DIR}/private/iRedMail.key"

Then, since I'm using MySQL instead of LDAP... what to do?

What do you want to do?

6

Re: localhost.localdomain instead of my real host

Is there anything else to do to assure all have right 'READ' permission to this cert file?

7

Re: localhost.localdomain instead of my real host

Rashef wrote:

Is there anything else to do to assure all have right 'READ' permission to this cert file?

Use 'getfacl' command to read the permissions of these two files, and then use 'setfacl' command to set correct permissions on new files.

# setfacl -m u:ldap:r-- /etc/pki/tls/private/iRedMail.key

8 (edited by Rashef 2009-06-06 19:42:39)

Re: localhost.localdomain instead of my real host

Thank you so much! This is only for LDAP or is enough for MySQL too?

9

Re: localhost.localdomain instead of my real host

Only for LDAP.